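<?php
// Deletes the student record named by the `xh` (student number) query
// parameter and reports the outcome as JSON: {ok, msg?, logout?}.
// A user may delete their own record; an administrator may delete any
// non-administrator record.
//
// NOTE(review): this is a state-changing request that takes its target from
// $_GET and is authorised only by the session cookie, so it can be triggered
// cross-site. Moving it to POST with an anti-CSRF token needs a matching
// client change and is therefore not done here.
// NOTE(review): no Content-Type header is sent, so the JSON goes out with the
// server's default type; consider application/json once the client is
// confirmed to handle it.
$result = [];
try {
    // Accept only a non-empty string. A missing key would otherwise raise a
    // warning, and `?xh[]=...` would reach the query as an array.
    $xh = $_GET['xh'] ?? '';
    if (!is_string($xh) || $xh === '') {
        throw new DomainException('必须要提供删除记录的学号信息');
    }

    session_start();
    // An unauthenticated request has no $_SESSION['user']; read it defensively
    // so the check fails closed instead of emitting warnings into the response.
    $user = $_SESSION['user'] ?? null;
    $isSelf = is_array($user) && isset($user['xh']) && $user['xh'] === $xh;
    $isAdmin = is_array($user) && !empty($user['isAdmin']);
    if (!$isSelf && !$isAdmin) {
        throw new DomainException('Sorry,你没有删除他人记录的权限。');
    }

    // NOTE(review): connecting as root with the password kept in source gives
    // this endpoint far more privilege than one DELETE needs; use a
    // least-privilege account with credentials loaded from configuration.
    $db = new PDO("mysql:host=localhost; dbname=db2;", 'root', 'root');
    // Make every driver failure an exception so it is handled in one place.
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);

    // `isAdmin = 0` keeps administrator records from being deleted here.
    $ps = $db->prepare('delete from students where xh = ? and isAdmin = 0');
    $ps->execute([$xh]);
    // Zero affected rows: either no record has that xh, or the target is an
    // administrator record.
    if ($ps->rowCount() === 0) {
        throw new DomainException('删除失败');
    }

    if ($isSelf) {
        // The user deleted their own record: drop the login state (log out).
        unset($_SESSION['user']);
        $result['logout'] = true;
    }
    $result['ok'] = true;
} catch (DomainException $e) {
    // Expected failures raised above; their messages are meant for the user.
    $result['ok'] = false;
    $result['msg'] = $e->getMessage();
} catch (Throwable $e) {
    // Unexpected failures (e.g. PDOException) can carry connection details,
    // so log them server-side and return only the generic failure text.
    error_log('student delete failed: ' . $e->getMessage());
    $result['ok'] = false;
    $result['msg'] = '删除失败';
}
echo json_encode($result, JSON_UNESCAPED_UNICODE);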